TPRM Manager

• Due Diligence Risk Assessment: Perform thorough due diligence on third party vendors, evaluating operational, security, compliance, and financial risks.
• Vendor Monitoring Reporting: Continuously assess and monitor third party risks, security postures, and contract compliance. Report risk status to senior management.
• Risk Mitigation Incident Management: Implement risk mitigation strategies and lead incident management for third party breaches or failures.
• Cross Department Collaboration: Work with procurement, legal, IT, and other business units to ensure third party contracts and security align with risk management strategies.

Technical Skills Tools:

• Risk Management Tools: Experience with RSA Archer, MetricStream, or LogicManager for risk assessments, vendor scoring, and compliance tracking.
• Security Monitoring: Proficiency in SIEM tools like Splunk, IBM QRadar, and ArcSight for detecting, analyzing, and managing third party security events.
• Vulnerability Management: Hands on experience with Tenable.io, Qualys, or Rapid7 Nexpose for vulnerability scanning and management.
• Third Party Management Platforms: Familiarity with OneTrust, ProcessUnity, or Prevalent for ongoing third party risk assessments and monitoring.
• Incident Response: Experience using tools like ServiceNow or PagerDuty for handling third party security incidents and coordinating remediation actions.
• IAM Tools: Working knowledge of Okta, CyberArk for ensuring secure vendor access to bank systems.

Qualifications:

• Education: Bachelors degree
• ISO/IEC 27001 Lead Implementer
• PCI DSS
• Certified Information Systems Auditor (CISA)
• Strong analytical skills with the ability to assess and mitigate complex third party risks.
• Excellent communication and stakeholder management skills.
• Ability to navigate regulatory environments and ensure compliance with third party risk policies.
• Ability to drive strategic risk management initiatives while handling day to day operational challenges.